summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-05-02 15:57:53 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-01-23 13:56:00 +0100
commita2922c095ca60eba5ab27da09cc7de5f5c08a8ef (patch)
treec17caf5626f5e865ac7c35f2c597044a21eb02e4
parent1793a588888235f3943daa1fd85ce635f3d6e1a6 (diff)
paging: actually verify subscriber authorization
Before this, any paging response would be accepted by the CN, without checking the database whether the subscriber is in fact authorized. The probability that a subscriber would be able to take unauthorized action is slim, nevertheless checking authorization status with the database should happen before we accept a connection.
-rw-r--r--openbsc/src/libmsc/gsm_subscriber.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/openbsc/src/libmsc/gsm_subscriber.c b/openbsc/src/libmsc/gsm_subscriber.c
index af32633de..41a8236e2 100644
--- a/openbsc/src/libmsc/gsm_subscriber.c
+++ b/openbsc/src/libmsc/gsm_subscriber.c
@@ -136,7 +136,14 @@ int subscr_rx_paging_response(struct msgb *msg,
pr = (struct gsm48_pag_resp *)gh->data;
/* Secure the connection */
- return gsm48_secure_channel(conn, pr->key_seq, subscr_paging_sec_cb, NULL);
+ if (subscr_authorized(conn->subscr))
+ return gsm48_secure_channel(conn, pr->key_seq,
+ subscr_paging_sec_cb, NULL);
+
+ /* Not authorized. Failure. */
+ subscr_paging_sec_cb(GSM_HOOK_RR_SECURITY, GSM_SECURITY_AUTH_FAILED,
+ msg, conn, NULL);
+ return -1;
}
struct subscr_request *subscr_request_channel(struct gsm_subscriber *subscr,